Victoria Police outlines huge IT outsourcing project



news Victoria Police’s trouble-plagued IT department has gone to market for a large tranche of IT outsourcing services, in a deal which will reportedly be worth up to $340 million and see five separate outsourcing contracts consolidated into one substantial contract representing one of the largest such deals in Australia’s public sector this year.

Victoria Police has long been known as one of the most troubled State Government departments or agencies in Australia when it comes to its IT operations. The organisation has lost several senior IT executives over the past half-decade under controversial circumstances, for example, and it failed to deliver on a substantial IT systems replacement project, LINK, which was to replace the outdated 17-year-old crime database which Victoria Police relies on for its everyday operations.

In March 2012, a broad-based investigation into Victoria Police by the State Services Authority found that the organisation had no ability to delivery major IT projects.

The report titled ‘Inquiry into the command, management and functions of the senior structure of Victoria Police’ released last week and available online here found ‘project fatigue’ amongst both sworn police and public servants. The inquiry found a number of projects, reports and reviews since 2005 that referred to a ‘vision’, a ‘long-term strategy’ and the need to ‘modernise’ to bring “Victoria Police to the 21st Century”. The management documentation jargon however, did not have any connection to the practical reality at Victoria Police, according to the report. It is not clear whether Victoria Police currently has a chief information officer leading its IT operations.

However, despite these problems, Victoria Police revealed in documents recently published through the State Government’s tendering system that it was preparing a wholesale revamp of its IT outsourcing operations. Intermedium has reported the potential value of the contract at $340 million.

Currently, according to the documents, the organisation outsources the management and support of its IT systems under five separate contracts, covering mainframe, UNIX and infrastructure support services; desktop support services, as well as Windows-based servers and network infrastructure; application support; procurement services (via a panel of providers; and datacentre and infrastructure services, including disaster recovery.

“Victoria Police is looking to continue outsourcing its IT operations yet retain control of strategic direction and governance,” the organisation wrote in its documents. “The objective is to replace the existing contracts listed above with a new IT services contract providing end-to-end IT Services, with a clear single point of accountability.”

“Victoria Police will set and maintain the strategic direction of services, with the IT Service Provider owning the end-to-end responsibility for the delivery of each service and the IT Service Provider (whether an individual organisation or the primary respondent in a consortium) will be a single point of accountability for IT Service delivery. These outcome based services will focus on delivering the end outcome to the business, with service levels focused on the quality of the service provided to the business.”

“The contract(s) may operate on a 5 year basis with an option for an extension of up to an additional 3 years, commencing on 1 July 2015. The final contract arrangements may differ depending on the outcomes of the procurement process. Victoria Police reserves the right not to enter into any contract for IT Services following the Expressions of Interest Process.” Victoria Police intends to complete evaluation of expressions of interest for the process by November this year; it appears that the organisation would then enter a formal tender process.
It appears that the outsourcing initiative has top-level support within Victoria Police, with the tender documents noting that “a refresh of Victoria Police’s IT contracts” has been identified within the organisation’s recent strategic whole of organisation blueprint as “a key priority”.

The outsourcing initiative will affect a large body of IT infrastructure throughout Victoria Police. The organisation currently has over 16,000 staff spread across the state. It runs a primary datacentre in the Melbourne CBD and a secondary facility running all non-production and disaster recovery services further out in a Melbourne suburb. Regional offices across Victoria also contain a number of “critical servers” and local applications.

Victoria Police currently operates over 500 applications — of which some 300 are listed as being in-scope for the application support aspect of the contract. It runs two IBM z/OS mainframes, Windows and Unix (AIX and Solaris) servers (as well as Red Hat Linux), and some 12,500 desktop PCs and laptops. Some 1,200 tablets are also in use, plus some 2,000 printers.

There are various indications contained in the tender documents that some aspects of the organisation’s IT infrastructure is out of date; a situation not unusual for a State Government agency in Australia.

For example, the documents note Victoria Police is currently transitioning from “an IT asset lease arrangement” to a “Victoria Police IT asset ownership model”. “This includes refreshing the out of warranty hardware, including desktops, printers, servers and switches to own the assets. It appears that much of the organisation’s desktop infrastructure is still based on Windows XP, with an upgrade to Windows 7 and associated modern office software (Office 2010) listed.

Victoria Police also uses a large number of custom-built applications in its operations, compared with off-the-shelf software, which is generally considered easier to maintain. In its documents, only 35 applications are listed as ‘packaged’, and a further 14 are listed as ‘customised’. In comparison, some 217 applications — predominantly based on .NET and Microsoft Access, as well as “ASP classic” are listed as being “custom-built” — “developed from a zero base specifically to support Victoria Police”. However, only 32 applications are listed as having a ‘high’ criticality rating, in that outages regarding them would result in a serious situation which could affect the safety of the public or police officers.

The management of Victoria Police’s IT outsourcing project will no doubt come under close scrutiny in the future from the Victorian Government’s various auditors, due to its troubled history.

In November 2009, for example, the Victorian Ombudsman conducted an own motion investigation into Victoria Police’s purchasing practices around IT services. The document, which is available online in PDF format, found a large amount of “severe anomalies and poor practices”, including improprieties with respect to senior IT management at Victoria Police accepting hospitality from vendors such as IBM.

“In one instance, BITS prepared the documentation for a procurement process for a $20.1 million contract in the space of twenty-four days,” the Ombudsman wrote at the time. “It was a process that many in the industry estimated would normally have required anywhere from 10 to 18 months to be done effectively and efficiently.”

“I consider that record-keeping and file maintenance within BITS over the past three years at least, was largely inadequate. My investigation was hampered by gaps in documentation, records that were not dated, not signed or did not include author details, and a general lack of
any apparent systematic record-keeping. My investigators were often required to go to a number of sources to locate documentation, and in some instances had to make requests direct to vendors regarding key documents relating to multi-million dollar contracts that Victoria Police had not retained or could not locate.” At that stage (2008-2009), Victoria Police’s annual IT budget was about $191 million.

I couldn’t help but chuckle when I saw this massive Victoria Police contract come up, given the notoriety which the organisation’s IT department is held within Australia’s technology sector.

I’ve got two things to say here. Firstly, it should be apparent to everyone involved in this fraught process that it will be closely examined afterwards, probably a few years afterwards, by state government auditors. Vendors will be asked for details, Victoria Police’s management will be asked for extensive records of the whole process, and eventually much of this will be made public. So I advise everyone involved to play this by the book. It should be obvious that vendors will need to stop their sales executives involved here from even spending too much on dinner with Victoria Police executives. We all saw how that got laid out so publicly — and most of the big vendors were involved in laying out the red carpet; not just IBM, but also Fujitsu and the then-Telstra’s KAZ (now part of Fujitsu), to name a few high-profile names.

Secondly, it should also be apparent that while most of this contract should be fairly standard, as it’s around enterprise IT infrastructure, the tricky part will come in maintaining Victoria Police’s application portfolio.

From the looks of it, the force has quite a lot of custom applications that it relies on, and quite a few are rated high-risk — if they suffer issues, then heads will roll as police officers aren’t able to get the information they need to do their job.

This is the backwash of decades where Australia’s public sector has believed strongly in the power of custom-built applications developed by major organisations such as Victoria Police. It’s a huge legacy, which is only gradually being phased out as organisations gradually shift onto more commercially developed systems which are gradually being standardised.

Couple this with the fact that Victoria Police has already demonstrated that it has extremely poor ICT project governance capability, and you have a wriggling nest of vipers which any IT vendor would be careful about going near. I expect the negotiations around that aspect of the IT outsourcing contract to be protracted.

To be honest, there’s only a few vendors who can handle this deal. IBM of course (and it’s probably already the frontrunner). HP, Fujitsu, CSC, perhaps Unisys, and perhaps even with some of these, there might be some ‘consortium’ action going on with some smaller players being brought in to carve off specific chunks. It will be interesting to see who responds to Victoria Police’s EOI.

If everything goes right during this contract, of course, Victoria Police’s ambitions could be realised, and it could result in a significant upgrade to its basic IT service delivery capability. But there’s a long road ahead, and I would expect quite a bit of turbulence along the way.

Image credit: @CJNewsAu, used with permission


  1. Never mind that it isn’t a Vic police vehicle.
    I’m just dying to know WTF it’s doing in the office? :-)

      • I can’t just use any images — I either need to licence them under commercial terms or via Creative Commons (CC-BY). It’s not as easy as you might think. If you have any CC shots of Victoria Police gear, please post a URL.

        • I think you’ll find that that is actually Punt Road oval in Richmond so it is a VicPol vehicle.

  2. groan here we go again

    ‘predominantly based on .NET and Microsoft Access, as well as “ASP classic”’ thar’s ya problem me hearties point and click programmers


  3. “yet retain control of strategic direction and governance” ie. they get to choose they toys. IT vendors to implement as “cheap” as possible. I don’t care what tools my mechanic uses when they service my car, and yet organisations feel they need to dictate every level of the architecture down to nuts and bolts level.

    • But at least you specify what the car should do when the mechanic is finished – eg Run.

  4. The main issue I have with these outsourcing projects, is that mostly the internal people don’t usually know enough to manage the projects or outsourcers and you end up with the same situation, at a greater expense.

Comments are closed.